Skip navigation
All Places > Products > RSA Archer Suite > Blog > Author: Denise Sposato
1 2 3 Previous Next

RSA Archer Suite

39 Posts authored by: Denise Sposato Employee

2nd Annual Awards Program Recognizes Real-World Implementations Advancing the Value of GRC Strategy, Process, and Technology


2014 GRC Value Award.jpg


GRC analyst firm GRC 20/20 has announced that a large Commercial Bank in the U.S. and RSA Archer have been honored with a 2014 GRC Value Award for the category of Enterprise GRC Platform. The 2nd annual GRC Value Awards recognize real-world implementations for Governance, Risk Management and Compliance programs and processes that have returned significant and measurable value to an organization.


According to Michael Rasmussen, Chief GRC Pundit for GRC 20/20 and internationally recognized expert, “This large Commercial Bank has demonstrated proven business value in Enterprise GRC Platforms with its implementation of RSA Archer as the backbone of their integrated Enterprise Governance, Risk and Compliance program.” In the report, Mr. Rasmussen indicates that the greatest strength in this financial institution's GRC Platform architecture is the interconnectedness of the Platform and the ability to quickly enhance existing solutions or add new use cases.


The GRC Value Awards evaluate and verify both quantitative and qualitative measures of GRC agility, effectiveness, and efficiency within an organization’s GRC implementation.  This large Commercial Bank has a large risk and compliance technology implementation that addresses many business users across multiple business units for a variety of GRC use cases. Through their risk and compliance technology innovation, they have been able to save approximately $1.65 million annually and report significant reductions in time and cost of managing the disparate and disconnected solutions that existed prior to RSA Archer.


According to Mr. Rasmussen, “It is imperative that we recognize today’s successes as a milestone toward advancing GRC maturity. In achieving maturity, GRC is part of the organization’s strategy and operations and supported by a range of technology, knowledge and services - enabling the organization to achieve greater efficiency, effectiveness, and agility in GRC processes and broader business operations.”  We cannot agree more!  RSA Archer heartily congratulates this financial institution on their award-winning and innovative implementation of the RSA Archer GRC Platform and we look forward to seeing continued risk and compliance growth for this Commercial Bank.


You can obtain more information about this GRC implementation by reviewing their case study.  In addition, we encourage you to visit the GRC 20/20 website for more information about the GRC Value Awards.


RSA Archer GRC Roadshow Guest Speaker Opportunity



Without great customers you cannot truly become a great company.  The greatest asset RSA has is its people and its customers. The tremendous wealth of ideas, viewpoints, backgrounds, industries and technologies that our community brings to together is unique to RSA and is an invaluable resource that drives our innovation process.  The RSA Archer Roadshows provides a unique opportunity for customers to come together to network, socialize and hear from their peers how they have addressed their GRC challenges with RSA Archer.


This event offers the opportunity for RSA Archer customers to discuss with peers their GRC challenges, how they were able to implement a GRC program, share ideas, lessons learned as well as the opportunity to promote their GRC program as a leader in the GRC community.


If you would like to have the opportunity to present at one the 2015 RSA Archer Roadshows, below are some details describing the benefits received and general session guidelines.

  • Presenters will have a 30-45 minute speaking session
  • Opportunity to promote the success of their GRC programs
  • Establish themselves and their organization as a GRC leader
  • Help promote the expansion of GRC across their industry and region
  • Showcase unique GRC Use Cases and how RSA Archer was able to help meet those challenges
  • Provide lessons learned, best practices and guidance on how to establish and grow a GRC program


Suggested Topic Areas for Sessions

  • Operational Risk Management
  • IT Security Risk Management
  • Regulatory & Corporate Compliance Management
  • Audit Management
  • Third Party (Vendor) Risk Management
  • Business Continuity Management


If you are interested in presenting at one the 2015 RSA Archer Roadshows, would like additional information or talk to someone to learn more, please reach out to your local RSA Account Executive or contact

Chris Dodge:


Yes, the 2015 RSA Archer GRC Roadshows dates and locations for Minneapolis, Washington, D.C., Southern California, New York City, and Boston. We are pleased to share the schedule with you: 




1500 Park Place, Blvd.

Minneapolis, MN  55416


801 Mount Vernon Place Northwest

Washington, DC  20001



MARCH 5, 2015

Ritz-Carlton, Laguna Niguel

One Ritz-Carlton Drive

Dana Point, CA  92629

Marriott Marquis - Times Square

1535 Broadway

New York, NY 10036



202 Burlington Road

Bedford, MA 01772



The 2015 GRC Roadshow Microsite, with Agendas, Speakers, and Registration Information will be live on or before January 19. We are, however, able to share the 'Agenda at a Glance' with you today:


Registration, Networking and Product Demonstrations

Welcome and Introductions


RSA Archer Session:  Harness Risk and Fuel the Enterprise

In this presentation RSA will discuss how companies can embrace and harness risk to fuel their enterprise, derive value and gain a competitive advantage over companies that do not.  Risk Management will be the primary source of competitive advantage in tomorrow’s market.  Risk must be harnessed to fuel the enterprise towards the next level of success.


Client Discussions:

GRC leaders will discuss how they are using RSA Archer to tackle today’s biggest GRC challenges around enterprise, operational, IT and third party risk, regulatory & corporate compliance, audit and business continuity management. 


Birds of Feather / GRC Working Group Lunch

Enjoy a great lunch and the opportunity to talk with other RSA Archer customers and share ideas, lessons learned and best practices from your peers facing similar GRC challenges.


Advisory Partners:

Insights and best practices for successfully building and deploying a GRC program across your organization.


RSA Product Information

Come see and learn about the newest RSA Archer solutions and offerings, talk to our GRC experts and see the latest RSA solutions in action.


Social and Networking Hour(s)

After a great day of learning about how RSA Archer solutions can help you solve your GRC challenges, kick back and join your fellow Roadshow attendees with a relaxing social and networking event.  Cocktails, conversation, hors d’oeuvres and fun abound. (Where venues permit)


We hope you can join us and attend one of these complimentary GRC Roadshow events.

See you at the Roadshow!

The host cities for the 2015 Roadshows include: Boston, Minneapolis, New York City, Southern California, Toronto and Washington, D.C. For planning purposes, the scheduled Roadshow events will take place in the late February / early March time frame. We are very close to finalizing the dates and locations for each host city.


The full-day ‘complimentary’ GRC Roadshow events provide a unique networking forum that foster engagement with fellow risk and compliance professionals to discuss GRC trends, challenges and opportunities. With highly interactive discussions, case studies, RSA product updates, and more, these events provide a means for you to learn new strategies to achieve maximum performance from your governance, risk and compliance program.


The theme for the 2015 Roadshows is ‘Harness Risk – Fuel the Enterprise.’ If you are interested in presenting at one of the Roadshows, please send an email expressing your interest to Christopher Dodge at and be sure to include your city preference.


We hope to see you at one of the 2015 Roadshow events, and please check back for further updates.

One of the things I love most about the RSA Archer community is that members share their tips for overcoming not just the technical challenges, but also for winning support across the organization. My current favorite example of this comes from Bank of the West, who received a GRC Innovation Award at the RSA Archer Roadshow on 6th December in San Francisco.


When Andrea Dollen joined Bank of the West as business systems administrator, RSA Archer was being used for just one application, a highly customized version of Policy Exceptions. Her goal was to use RSA Archer and on-demand applications to transform more processes, and to build confidence in RSA Archer across the organization. “More users on the Archer platform means more information in it, which means a more accurate and thorough GRC program at Bank of the West.  I needed to ‘wow’ the crowd with new Archer functionality,” she said.


She built and deployed several on-demand applications and customized core applications to provide efficiencies where end user tools were desperately needed, and where executive management wanted visibility (via Dashboards). These covered:

  • Security Case Tracking
  • Legal & Compliance Projects
  • Business Continuity Plan Review with Annual Approvals
  • Disaster Recovery Exercise Action Items
  • Security Strategy Programs & Tasks
  • Archer Support Requests
  • Finding & Task Tracking for Information Security, Information Technology, and Third Party Services (Vendor)
  • Incident Management for Information Security


This innovation in the first few months won over many users, and word started to spread in the organization about RSA Archer. Today, she has a non-stop line of requests for new functionality to be added every day. “Executive management now has visibility into data in ways they never did before,” she said. “This allows them to better plan, make more informed decisions, and balance workloads.  Front-line employees are no longer spending hours massaging data and creating reports for management consumption, as they have all been put into real-time dashboards.  The successful implementation of Archer resulted in hundreds of man hours being saved each month that is now better spent on tasks that were getting overlooked. The Bank of the West team is now more efficient, more confident, and more organized, which also results in happier employees!”


Congratulations to Bank of the West on winning this award! We look forward to seeing the impact RSA Archer will have as the bank continues to innovate its GRC program.



It’s an exciting time for those of us involved in the RSA Archer community. In the face of tough competition from a number of strong entries outlining how organizations have used RSA Archer to transform their businesses, the winners of the GRC Innovation Awards have been chosen. Congratulations to Aon, whose team received their trophy at the RSA Archer Roadshow on 6th November.


Aon is a global provider of risk management, insurance, brokerage, reinsurance brokerage, human resource consulting and outsourcing services. It is a Global Fortune 500 organization with 62,000 employees, supporting three regions in 126 countries with three key business units.


The Security Risk Management (SRM) organization is an internal function supporting and governing the security needs of Aon’s business units and regions globally. As the organization matured, it faced an increasingly complex array of requirements, and implemented RSA Archer to help manage all security aspects associated with Aon’s supply base and client base, and to support the integration of risk management functions globally into one, all-encompassing process.


The deployment has driven improvements across a range of business areas, including:

  • Better coordinated risk activities and enhanced business processes
  • Matured security risk programs
  • Improved business processes and efficiencies
  • Increased risk transparency across the organization, which feeds risk-based decision making.


Besides the business value that the project has added, it features a number of innovative elements that made it stand out for the judges. For example:

  • The Vendor Management module is built on a two-instance architecture that allows external suppliers to provide responses to Aon questionnaires directly into SRM’s system, without compromising security.
  • The Risk Management module uses a three-tiered stackable risk register to allow for consolidation of regional risks onto broad global risks

Aon plans to build upon the success of the RSA Archer implementation by executing the remaining phases of its roadmap which will include new modules and functionality.


Congratulations to Aon on its well-deserved win! We look forward to seeing where it will go next with its RSA Archer technologies..



I’m always fascinated to hear about what our customers are doing with their RSA Archer technologies. So it was understandably rather exciting to be involved in the GRC Innovation Awards that have just taken place within the Archer community. We received entries from a variety of organizations, all justifiably proud of how they’ve driven value for their businesses. The winner for Europe was Telecom Italia Information Technology.


The organization is the provider of ICT products and services to Telecom Italia. It is dedicated to offering the highest standards of infrastructure, systems and application management to its customers, and it holds a number of international accreditations. It was selected as the European winner of the GRC Innovation Award in recognition of the successful implementation of its new Risk Analysis and Management processes based on RSA Archer GRC.


The project involved a mix of elements, including:

  • A combination of several on-demand applications (ODAs) and questionnaires, powered by a unique methodology to systematically implement complex workflows and changes to any ODA, through a consistent and user-friendly GUI
  • A set of custom components to extend ODA capabilities quickly and easily when needed
  • An exclusive web-based infrastructure service that allows users to request more complex elaborations to ODA capabilities
  • A set of automatic tools to significantly reduce the effort needed to develop and maintain custom components, thereby keeping focus on business priorities and not workflow administration


Telecom Italia Information Technology expects a significant increase in productivity across its Risk Management processes. Also security governance is experiencing a boost in productivity, thanks to the implementation of several security indicators and automatic dashboards. These productivity improvements are in turn enabling Telecom Italia Information Technology to increase the number of processes that can be integrated into its Risk Management framework.


My hearty congratulations to the team at Telecom Italia Information Technology for the success of their project and their award win!



Read Susan Read Miller's EMC Pulse Blog: Farthest Up in Ability to Execute, Farthest Right in Completeness of Vision - RSA Archer Customers Make a Difference in GRC Leadership


EMC Pulse

I recently took the plunge and purchased the iPhone, even though I was perfectly happy with my Android HTC EVO, but I really, really wanted access to Siri.


So, as I prepared to set up my new iPhone, it was suggested (strongly) that I, #1, set up the 4-digit password protector to access my phone (ugh), #2, enable auto-lock (really?), and #3, turn on the ‘Find My Phone’ feature.  Whew, I thought, this is a lot of work just to get started … and I haven’t even tried out Siri!


I mean, really, entering a 4-digit password might slow me down by a second, but I’ve never truly ‘lost’ my phone … well, I lost a few Androids in the washing machine, and had to call my cell from my landline more times than I care to admit in this blog to help me find ‘where’ I put the phone down, but was the phone really truly lost?  No.


It did get me thinking, however, that with all the new bells and whistles that come with my new iPhone, and many that I took advantage of with my old Android, comes built in risks for exposure of my personal information.  Scary, I thought.


After all, I’ve been just plain lucky up to this point. My phone is my lifeline … I have everything in the palm of my hand…bank accounts, passwords, 401(k) info, you name it, it’s on my phone. Why I carry a handbag, I don’t know .. but that’s a topic for another blog.


So, can my luck hold out forever … probably not. And now I’m forced to wonder just how protected the rest of my e-life is at this moment. I’m the queen of online purchases, on my phone and on my home computer – I hate malls. I download apps constantly .. huge fan of ‘Words with Friends’ and I can’t get from point A to point B without my GPS – I’m directionally challenged at best. And, text messages are about the only way I communicate with my friends and family today.


I work for RSA, the security division of EMC, and I think I have a good understanding of the importance of managing risk. You purchased a RSA Archer eGRC module to help you manage risks, demonstrate compliance and automate business processes for your company. And you do a great job. But, what about your own personal identity risks – are you as diligent as you should be? We all probably think we are, but have we really considered if we’ve protected our own e-life to the fullest extent to reduce personal damage and liability?  Identity theft is the number one crime in America today, with over 9 million Americans falling victim to identity theft each year and at least 70% of cellphone text spam is designed to defraud us. Ouch!


So, my words of wisdom: be safe, both professionally and personally!

Filter Blog

By date: By tag: